Millennials may think they’re privacy experts, but recent research from mobile security firm Lookout found that few practice what they preach.

In a recent Lookout survey of more than 1,000 smartphone owners, 52% of those who claimed to be security savvy didn’t read privacy policies before downloading mobile apps, 34% didn’t set a PIN or passcode on their phones, and 35% downloaded mobile apps from unofficial marketplaces.

The survey also found that those who claim to be privacy experts are most likely to partake in risky mobile behavior, like connecting their smartphones to unsecured public Wi-Fi networks, visiting unfamiliar sites on their phones, and plugging their phones into public charging stations.

While these actions may seem benign, they can leave people’s mobile devices — and the sensitive personal and work data stored on those devices – vulnerable to thieves, according mobile safety advocate at Lookout, Cherie Gatson.

“Mobile devices are small but mighty,” Gatson said. “[But] because these devices fit in our back pockets, we sometimes forget that they carry immense amounts of highly sensitive data.

“It’s important to understand that once any device has the ability to store confidential or personal data, there’s now an incentive for cyber criminals to target it.”

Getting your smartphone hacked can lead to all kinds of personal and professional problems, according to CEO of Silicon Valley security firm Bitglass, Nat Kausik. As more and more people store both personal and work data on their phones, a security breach on one mobile device can have a ripple effect.

“If someone gets access to your phone, they can access your email and password, which can then control access to your bank accounts and anything where you have a login,” Kausik said.

Security experts recommend setting a PIN or passcode on smartphones as a first line of defense against thieves and, on public Wi-Fi networks, limiting email, social networking and online shopping. Smartphone users should also clear their mobile Web browsing history regularly and, if they’re uncomfortable with an app knowing your location, turning off location services.

“Mobile devices have become the predominant computing platform, and require just as much protection as PCs and laptops,” Gatson said.